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Fig. 1 
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Fig. 2 
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Fig. 4 
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Fig. 5 
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Data flow 

Program control flow 
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Policy 

Recording r-^j ~7 

Browser lIU. ' 

l_ DataToRecord ^ 

P l_URl^Yes 

UsubmittedFields=Yes 
I t- passwords=Yes 

nifCreditCardNurnberSub^tted 
ClfPas SW ordSubnutted=Yes 
E-lfKeywordsReceived=Yes 
I LifKsywordsSentpYes 

Email _ . 

l_- DataToRecord 

' -'^sisaedMessa^ 
UMessageText=Yes 
l_Attachments=No 
-SignedMessage^Yes 
LMessageText=Yes 
L- Attackments=Yes 
L Certificates=Yes 

P l-MessageText=Yes 
1 L Attachmerits=No 
LsignedMessages=Yes 

t-MessageText^Yes 
L Attachments=Yes 
UCertificates^Yes 

-WhenToRecord 

L^dlContainsKeror^Yes 
LifMaillsDigitallyS^^Yes 

UReceivedMail 

t^tlcontainsKeywor^ 
l-IfMailIsDigitallySigned=Yes 



8/18 



, scan transmission buffer 
[ Sr next all-digit string \ajS\&L 

(CCN candidate) 



Fig. 8 
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End 
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Calculate Luhn 
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candidate 




^L—S. — 



No valid CCN found in 

buffer - allow 
transmission to server. 



Transaction denied - 
prevent transmission to 

server. 



j^sadion approved - 
allow transmission to 
server. 



End) 



S.JSO 
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■SOI 
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Fig. 9 
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Add certificate to 
system database 



, checks, trar^^^^ 

database and use J»^Jj^ 
1 rules to determine if valley i 

check required. 



Perform on-line 
certificate valid*/ check 



YES 



Update database 
results 



with 



Validity check 
required? 



MO 



System 
database 



NO 



Certificate 
valid? 



YES 



Reject transmissions 
reliant on invalid 
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Policy 



t 



Fig- 10 



tUiLUklUttUnUIUEUUL 



Ll/18 




12/18 




13/18 



Policy 

Ll?revioi>sPl>8 ess6 




k eComxnerce 

buy.supersaver.co.uk 

.boolcstorai^x, 



Sites 



Table t 
"receipt" 



"ttiaxik you 



for your 



order" 



••order co^^L 



innni Ml: ^U-JMBiu™- 
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Policy 

I TransactioiiApproval _ 

I — MaximumUnapprovedTransactiODAmount=50U 

MaximumUnapprovedMonthlyAmount=2500 

-ExcliidedSites=[tat>le e] 
— Approvers = [table f] 



[ Table f- Approvers 


Username 


Limit 


Excluded Sites 


F Smith 


S500 


www.dell.com 


R Jones 


S10C0 


www.delLcom; 
www.officemax.com 


F Healy 


Unlimited 


none 



Fig. 16 
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Policy 

1 — TransniittedDataSecurity 



— Passwords=40 

— CreditCardNumbers 

tCompany=128 
Personaj=128 
— SubmittedKeywords=40 
^- OtherSufamittedData=None 



I — RequiredEncrypnonLevel 
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s^^o 




Renegotiate security 
level of transmission 
link 
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